Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nT7VNf6OJLv_OSaS9c9Fe8K9HU4.roa
File:                     nT7VNf6OJLv_OSaS9c9Fe8K9HU4.roa (raw, json)
Hash identifier:          HPDpf14lqPxG/21+hpYAr+xYi6h6f22nCMyEO/T4p9w=
Subject key identifier:   9D:3E:D5:35:FE:8E:24:BB:FF:39:26:92:F5:CF:45:7B:C2:BD:1D:4E
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01893A5536B6791E9188EA1496AF817520C8
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nT7VNf6OJLv_OSaS9c9Fe8K9HU4.roa
Signing time:             Sun 09 Jul 2023 11:06:50 +0000
ROA not before:           Sun 09 Jul 2023 11:06:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204372
IP address blocks:        163.5.99.0/24 maxlen: 24
                          163.5.230.0/24 maxlen: 24
                          163.5.31.0/24 maxlen: 24
                          163.5.35.0/24 maxlen: 24
                          163.5.248.0/24 maxlen: 24
                          163.5.254.0/24 maxlen: 24
                          163.5.62.0/24 maxlen: 24
                          163.5.202.0/24 maxlen: 24
                          163.5.210.0/24 maxlen: 24
                          163.5.211.0/24 maxlen: 24
                          163.5.216.0/24 maxlen: 24
                          163.5.223.0/24 maxlen: 24
                          163.5.226.0/24 maxlen: 24
                          163.5.221.0/24 maxlen: 24
                          163.5.127.0/24 maxlen: 24
                          163.5.136.0/24 maxlen: 24
                          163.5.138.0/24 maxlen: 24
                          163.5.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 12 Jul 2023 16:34:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:3a:55:36:b6:79:1e:91:88:ea:14:96:af:81:75:20:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jul  9 11:06:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9d3ed535fe8e24bbff392692f5cf457bc2bd1d4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:89:63:9c:f6:b6:87:a6:48:0a:ca:34:47:fc:
                    2f:83:7e:da:e2:f8:2e:0a:e5:c6:f1:52:a6:f0:01:
                    3c:2f:8a:ab:95:69:e7:d3:20:98:be:da:96:76:4c:
                    bb:88:38:43:fb:7a:d9:dc:26:b7:0c:b1:7d:d4:24:
                    d5:cb:6c:3a:70:e6:22:40:96:a8:19:7d:64:81:0f:
                    85:97:e0:a9:a8:32:7a:4f:91:ab:30:0b:73:cb:37:
                    4a:fd:15:86:a4:a3:27:d5:fa:cc:2a:31:f0:6e:b3:
                    1d:ba:c5:f5:eb:76:ea:a7:5e:8b:ef:68:a4:57:57:
                    93:83:ae:f9:0c:30:99:57:29:90:70:eb:cb:dd:cc:
                    a0:d1:97:15:ab:e2:50:df:da:95:b5:3a:1c:7a:7e:
                    20:cd:6b:65:f1:30:8e:82:7a:a5:e4:ea:84:fc:c3:
                    48:fd:af:d2:d7:47:c9:79:d4:2a:16:8b:88:94:7e:
                    da:a2:09:72:33:5e:15:89:cf:3c:e0:d8:f5:0b:9a:
                    7c:ac:12:71:44:7c:97:b5:57:df:5a:d7:5e:36:44:
                    a6:f4:8e:b6:77:59:cc:94:4f:3b:7b:14:e9:0e:ae:
                    2b:03:b3:61:08:f3:40:27:70:34:7c:dc:6d:f9:72:
                    84:cc:d1:0e:12:ed:1d:dd:83:f1:e7:7a:2c:e5:bf:
                    be:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:3E:D5:35:FE:8E:24:BB:FF:39:26:92:F5:CF:45:7B:C2:BD:1D:4E
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nT7VNf6OJLv_OSaS9c9Fe8K9HU4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.31.0/24
                  163.5.35.0/24
                  163.5.62.0/24
                  163.5.99.0/24
                  163.5.127.0/24
                  163.5.136.0/24
                  163.5.138.0/24
                  163.5.161.0/24
                  163.5.202.0/24
                  163.5.210.0/23
                  163.5.216.0/24
                  163.5.221.0/24
                  163.5.223.0/24
                  163.5.226.0/24
                  163.5.230.0/24
                  163.5.248.0/24
                  163.5.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:0e:41:d6:1e:48:fb:8a:10:14:e4:e4:e7:ad:30:e1:6d:f8:
         de:78:57:d2:25:6c:0b:ad:11:ee:e4:59:16:25:ad:22:b8:b7:
         b3:b3:f9:cf:8d:a0:ac:6f:01:bd:64:85:b2:d5:d9:9a:98:63:
         e9:e2:e3:19:ff:0c:76:ca:75:70:e6:12:57:e9:0a:91:38:f3:
         e5:2a:3c:d5:d7:64:7d:35:52:d8:6a:9c:75:a2:7a:60:3d:09:
         aa:90:2a:e2:4f:e1:0a:51:48:88:b1:4b:1f:4e:0e:09:a0:01:
         10:f3:5b:f4:b7:e6:85:e9:75:32:88:1a:74:59:57:e3:29:36:
         63:62:2e:54:1c:1f:77:e6:82:f9:62:b1:fa:80:6c:cc:5f:eb:
         0d:93:fa:99:bd:33:a2:73:84:03:83:2f:b9:8f:46:4f:1a:52:
         3c:43:36:9e:bd:9e:55:4c:00:74:47:17:9b:52:eb:4e:3e:a6:
         76:ea:09:f2:b4:24:56:7f:bb:43:86:72:39:8c:25:a9:f5:48:
         73:04:cb:b6:53:04:a5:82:ed:9b:41:dc:ca:b7:f6:9e:19:db:
         55:e1:9e:58:2a:e0:af:69:7d:29:de:5b:7b:7c:da:21:13:1c:
         a3:e7:73:5a:81:50:19:c8:09:3b:e5:f3:c1:c9:06:2a:a8:42:
         fe:28:23:95
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYk6VTa2eR6RiOoUlq+BdSDIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNzA5MTEwNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDNlZDUzNWZlOGUyNGJiZmYzOTI2OTJmNWNmNDU3YmMyYmQxZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIljnPa2h6ZICso0R/wvg37a4vgu
CuXG8VKm8AE8L4qrlWnn0yCYvtqWdky7iDhD+3rZ3Ca3DLF91CTVy2w6cOYiQJao
GX1kgQ+Fl+CpqDJ6T5GrMAtzyzdK/RWGpKMn1frMKjHwbrMdusX163bqp16L72ik
V1eTg675DDCZVymQcOvL3cyg0ZcVq+JQ39qVtTocen4gzWtl8TCOgnql5OqE/MNI
/a/S10fJedQqFouIlH7aoglyM14Vic884Nj1C5p8rBJxRHyXtVffWtdeNkSm9I62
d1nMlE87exTpDq4rA7NhCPNAJ3A0fNxt+XKEzNEOEu0d3YPx53os5b++NQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFJ0+1TX+jiS7/zkmkvXPRXvCvR1OMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvblQ3Vk5mNk9KTHZfT1NhUzljOUZlOEs5SFU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAowUfAwQA
owUjAwQAowU+AwQAowVjAwQAowV/AwQAowWIAwQAowWKAwQAowWhAwQAowXKAwQB
owXSAwQAowXYAwQAowXdAwQAowXfAwQAowXiAwQAowXmAwQAowX4AwQAowX+MA0G
CSqGSIb3DQEBCwUAA4IBAQCoDkHWHkj7ihAU5OTnrTDhbfjeeFfSJWwLrRHu5FkW
Ja0iuLezs/nPjaCsbwG9ZIWy1dmamGPp4uMZ/wx2ynVw5hJX6QqROPPlKjzV12R9
NVLYapx1onpgPQmqkCriT+EKUUiIsUsfTg4JoAEQ81v0t+aF6XUyiBp0WVfjKTZj
Yi5UHB935oL5YrH6gGzMX+sNk/qZvTOic4QDgy+5j0ZPGlI8QzaevZ5VTAB0Rxeb
UutOPqZ26gnytCRWf7tDhnI5jCWp9UhzBMu2UwSlgu2bQdzKt/aeGdtV4Z5YKuCv
aX0p3lt7fNohExyj53NagVAZyAk75fPByQYqqEL+KCOV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org